Red Hat Bugzilla – Bug 847620
[FEAT] NFSv3 Authorization rpcsec_gss + krb5 (cluster aware credential cache)
Last modified: 2014-10-26 05:33:38 EDT
Support for rpcsec_gss + krb5 based authentication for NFSv3.
We should not target this specifically for NFSv3. Introducing this auth mode should be usable in RPC between protocol client/server - specifically for usage with gfapi.
This will be supported when nfs-ganesha is used in combination with Gluster. There currently is no intention to add support for rpcsec_gss/krb5 to Gluster/NFS.
sorry does this mean there is no intention to provide secure rpc to gluster sharing at all except through third party layers?
(In reply to Alastair Neil from comment #4)
> sorry does this mean there is no intention to provide secure rpc to gluster
> sharing at all except through third party layers?
This bug/feature was for signed/encrypted support for NFSv3, for which we currently do not have a plan to add. nfs-ganesha is a very feature complete NFS-server and will get more attention to improve support for Gluster.
There is support for SSL encrypted communication between clients and servers (see bug 1114604 for more details). I think a feature request for krb5 signed/encrypted GlusterFS communication would make sense and could get accepted. There does not seem to be such a request yet (or at least I can not find it), so you may want to file a new bug for it against the rpc component: